每日安全动态推送(12-29)

渗透技巧 2年前 (2021) admin
798 0 0
Tencent Security Xuanwu Lab Daily News


• CVE-2021-44832 – Apache Log4j 2.17.0 Arbitrary Code Execution via JDBCAppender DataSource Element | Checkmarx.com:
https://checkmarx.com/blog/cve-2021-44832-apache-log4j-2-17-0-arbitrary-code-execution-via-jdbcappender-datasource-element/

   ・ Apache Log4j 2.17.0 JDBCAppender CVE-2021-44832 任意代码执行漏洞 – Jett


• hmgle/graftcp:
https://github.com/hmgle/graftcp

   ・ 将指定进程 TCP 连接重定向到 SOCKS5 或 HTTP 代理 – Jett


• [Attack] A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard – Check Point Research:
https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/

   ・ Checkpoint 对 APT31 DoubleFeature 模块的分析 – Jett


• Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons:
https://isc.sans.edu/diary/rss/28180

   ・ 攻击者利用 MSBuild 逃逸检测传播 Cobalt Strike – Jett


• CVE-2021-30853漏洞深入分析(译文):
https://tttang.com/archive/1388/

   ・ CVE-2021-30853漏洞深入分析(译文) – lanying37


• 2021: Looking back on the year in malware and cyber attacks, from SolarWinds to Log4j:
http://blog.talosintelligence.com/2021/12/2021-looking-back-on-year-in-malware.html

   ・ Talos 对 2021 年的恶意软件、网络攻击、重要漏洞的总结回顾 – Jett


• Winning the Impossible Race – An Unintended Solution for Includer’s Revenge / Counter (hxp 2021):
https://lewin.co.il/winning-the-impossible-race-an-unintended-solution-for-includers-revenge-counter-hxp-2021/

   ・ hxp CTF 比赛 PHP LFI 漏洞的利用 – Jett


• Lab M10. Integer Arithmetic Part 1: High-speed Multiplication and Division:
http://www.c-jump.com/CIS77/MLabs/M10arithmetic/lecture.html

   ・ Lab M10. Integer Arithmetic Part 1: High-speed Multiplication and Division. – lanying37


• [macOS, iOS] Slides/Batch_find_macO_iOS_kernel_info_leak.pdf at main · maldiohead/Slides:
https://github.com/maldiohead/Slides/blob/main/Batch_find_macO_iOS_kernel_info_leak.pdf

   ・ 研究员 maldiohead 前两年关于 macOS/iOS 内核信息泄露漏洞挖掘的分享 – Jett


• [Attack] Garrett Walk-Through Metal Detectors Can Be Hacked Remotely:
https://thehackernews.com/2021/12/garrett-walk-through-metal-detectors.html

   ・ 安全研究人员近期发现在Garrett 金属探测器的网络组件存在中多个安全漏洞,该漏洞对用户数据存在的安全威胁。 – lanying37


• 魔形女:
http://paper.seebug.org/1801/

   ・ 针对魔形女漏洞研究。 – lanying37


• Assume Role Logic:
https://hackingthe.cloud/aws/general-knowledge/assume_role_logic/

   ・ Hacking The Cloud – AWS 云环境安全测试教程 – Jett


• 用DTA照亮DNS威胁分析之路 (1):
https://blog.netlab.360.com/use_dta_to_illuminate_the_path_of_dns_threat_analysis_1/

   ・ 用DTA照亮DNS威胁分析之路 (1) – lanying37


• Fuzzing of the TEE driver:
https://github.com/pjlantz/optee-qemu

   ・ CVE-2021-44733: Fuzzing and exploitation of a use-after-free in the Linux kernel TEE subsystem – Jett


• Introduction:
https://0xinfection.github.io/reversing/

   ・ Reverse Engineering For Everyone! – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(12-29)

版权声明:admin 发表于 2021年12月29日 上午4:12。
转载请注明:每日安全动态推送(12-29) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...